package com.cq.realm;


import com.cq.pojo.LoginUser;
import com.cq.service.LoginService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import javax.servlet.http.HttpServletRequest;
import java.util.HashSet;
import java.util.Set;

/*
*   认证域
*       给shiro框架返回系统中用户的认证信息
*       给shiro框架返回系统中用户的授权信息
*
*/


public class MyShiroRealm extends AuthorizingRealm {

    @Autowired
    private LoginService loginService;

    private HttpServletRequest request;

    //给shiro框架返回系统中用户的认证信息
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //使用认证令牌获取当前登录的用户名
        String username = (String) token.getPrincipal();


        //在我们的系统中查询用户的认证信息
//        User user = userService.getOneByUsername(username);
        char c = username.charAt(0);
        LoginUser loginUser=null;
        if(c=='E'){
            loginUser= loginService.selectByUsernameByEmp(username);

        }else if(c=='A'){
            loginUser= loginService.selectByUsername(username);
        }else{
            loginUser= loginService.selectByUsernameByStudent(Integer.parseInt(username));
        }
        System.out.println("username==="+username);
        System.out.println("===========================>"+loginUser);
        //如果用户不存在，抛出用户不存在的异常
        if (loginUser == null){
            throw new UnknownAccountException(username+"不存在");
        }
        //在shiro会话域中共享用户信息，以便业务层获取使用
        Session session = SecurityUtils.getSubject().getSession();
        session.setAttribute("loginUsers",loginUser);
        //使用三个参数的构造方法类构造，用户名、密码、当前认证域的名称
//        SimpleAuthenticationInfo info =
//              new SimpleAuthenticationInfo(username,user.getPassword(),getName());
        //这里的user的password提供的是暗文密码，还得提供 盐salt，提供的盐为用户的用户名
        //类型转换
        ByteSource saltBytes = ByteSource.Util.bytes(loginUser.getUsername());
        //使用4个参数的构造方法来构造认证信息
        SimpleAuthenticationInfo info =
                new SimpleAuthenticationInfo(username,loginUser.getPassword(),saltBytes,getName());
        System.out.println("获取认证信息");
        return info;
    }

    //给shiro框架返回系统中用户的授权信息
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
        System.out.println("获取授权信息");
        //获取当前的用户名
        String username = (String)principal.getPrimaryPrincipal();
        //系统中查询待授权用户的权限信息：角色信息、权限信息
//        LonginIn user = userService.getOneByUsername(username);
        char c = username.charAt(0);
        LoginUser loginUser=null;
        if(c=='E'){
            loginUser= loginService.selectByUsernameByEmp(username);

        }else if(c=='A'){
            loginUser= loginService.selectByUsername(username);
        }else{
            loginUser= loginService.selectByUsernameByStudent(Integer.parseInt(username));
        }
        System.out.println("username==="+username);
        System.out.println("===========================>"+loginUser);

        //组装一个Set<String>型角色信息
        Set<String> roles = new HashSet<>();
        //组装一个Set<String>型的权限信息
        Set<String> perms = new HashSet<>();
        roles.add(loginUser.getRole());
        //创建一个授权信息对象
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //赋予角色相关的授权信息
        info.setRoles(roles);
        //赋予权限相关的授权信息
        info.setStringPermissions(perms);
        return info;
    }


}
